def start(self):
""" Do the thing """
start_time = datetime.now()
row_fmt = "{:30} {:30} {:30}"
print 'Bruteforcing Telnet logins ...'
print '-' * 80
print row_fmt.format('password', 'username', 'server')
print '-' * 80
for status, username, password, host, port in self.tuples.tuple_q:
if status:
print row_fmt.format(password, username, host + ':' + str(port))
if self.dbh:
ip = ''
fqdn = ''
typ = cUtil.getTargetType(host)
if typ == cUtil.TTYPE.IP:
ip = host
if typ == cUtil.TTYPE.DOMAIN:
fqdn = host
br = ccd.BruteforceResult(
ip=ip,
fqdn=fqdn,
port=int(port),
username=username,
password=password,
service='telnet',
)
self.dbh.add(br)
#br = ccd.TelnetBruteforceResult(
# host=host,
# port=int(port),
# user=username,
# password=password,
#)
#self.dbh.add(br)
self.tuples.join()
print '-' * 80
print "Finished in %fs" % cUtil.secs(start_time)
def start(self):
""" Do the thing """
start_time = datetime.now()
row_fmt = "{:30}{:30}{:}"
for username, password, target in self.tuples.tuple_q:
print row_fmt.format(password, username, target[0] + ':' + str(target[1]), '')
if self.dbhandler:
host, port = target
ip = ''
fqdn = ''
typ = cUtil.getTargetType(host)
if typ == cUtil.TTYPE.IP:
ip = host
if typ == cUtil.TTYPE.DOMAIN:
fqdn = host
br = ccd.BruteforceResult(
ip=ip,
fqdn=fqdn,
port=int(port),
username=username,
password=password,
service='ssh',
)
#br = ccd.SshBruteforceResult(
# host=target[0],
# port=int(target[1]),
# user=username,
# password=password,
#)
self.dbhandler.add(br)
self.tuples.join()
print("\nfinished in %fs" % cUtil.secs(start_time))
def start(self):
""" Do the thing """
start_time = datetime.now()
row_fmt = "{:30}{:30}{:}"
for username, password, target in self.tuples.tuple_q:
print row_fmt.format(password, username,
target[0] + ':' + str(target[1]), '')
if self.dbhandler:
host, port = target
ip = ''
fqdn = ''
typ = cUtil.getTargetType(host)
if typ == cUtil.TTYPE.IP:
ip = host
if typ == cUtil.TTYPE.DOMAIN:
fqdn = host
br = ccd.BruteforceResult(
ip=ip,
fqdn=fqdn,
port=int(port),
username=username,
password=password,
service='ssh',
)
#br = ccd.SshBruteforceResult(
# host=target[0],
# port=int(target[1]),
# user=username,
# password=password,
#)
self.dbhandler.add(br)
self.tuples.join()
print("\nfinished in %fs" % cUtil.secs(start_time))
def start(self):
""" Do the thing """
start_time = datetime.now()
row_fmt = "{:30} {:30} {:30} | {:30}"
for username, password, host, port, status in self.tuples.tuple_q:
if status:
print row_fmt.format(password, username,
host + ':' + str(port), '')
if self.dbh:
ip = ''
fqdn = ''
typ = cUtil.getTargetType(host)
if typ == cUtil.TTYPE.IP:
ip = host
if typ == cUtil.TTYPE.DOMAIN:
fqdn = host
br = ccd.BruteforceResult(
ip=ip,
fqdn=fqdn,
port=int(port),
username=username,
password=password,
service='mysql',
)
#br = ccd.MysqlBruteforceResult(
# host=host,
# port=int(port),
# user=username,
# password=password,
#)
self.dbh.add(br)
self.tuples.join()
print("\nfinished in %fs" % cUtil.secs(start_time))
def start(self):
""" Do the thing """
start_time = datetime.now()
print '\nStarting bruteforce'
row_fmt = "{:30} {:30} {:30}"
print '-' * 80
print 'Real logins:'
print row_fmt.format('password', 'username', 'target')
print '-' * 80
for success, code, user, password, host, port in self.tuples.tuple_q:
# we actually found sth.
if success:
print row_fmt.format(password, user, host + ':' + str(port))
# add creds to database
if self.dbh:
ip = ''
fqdn = ''
typ = cUtil.getTargetType(host)
if typ == cUtil.TTYPE.IP:
ip = host
if typ == cUtil.TTYPE.DOMAIN:
fqdn = host
br = ccd.BruteforceResult(
ip=ip,
fqdn=fqdn,
port=int(port),
username=user,
password=password,
service='ftp',
)
#br = ccd.FtpBruteforceResult(
# host=host,
# port=int(port),
# user=user,
# password=password,
#)
self.dbh.add(br)
self.tuples.join()
if self.anon:
print '-' * 80
print 'Anonymous logins:'
print row_fmt.format('password', 'username', 'target')
print '-' * 80
while True:
try:
target, passw, user = self.anon_q.get_nowait()
except:
break
host, port = target
print row_fmt.format(passw, user, host + ':' + str(port))
# add creds to database
if self.dbh:
ip = ''
fqdn = ''
typ = cUtil.getTargetType(host)
if typ == cUtil.TTYPE.IP:
ip = host
if typ == cUtil.TTYPE.DOMAIN:
fqdn = host
br = ccd.BruteforceResult(
ip=ip,
fqdn=fqdn,
port=int(port),
username=user,
password=passw,
service='ftp',
)
#br = ccd.FtpBruteforceResult(
# host=host,
# port=int(port),
# user=user,
# password=passw,
#)
self.dbh.add(br)
print("\nfinished in %fs" % cUtil.secs(start_time))
def parse_arguments(self, args):
"""parse all command line arguments"""
parser = argparse.ArgumentParser(
formatter_class=argparse.RawTextHelpFormatter,
prog=__plgname__,
description="Bruteforce pop3 logins",
epilog="""Examples:
popbruteforce.plg -t pop.test.local -u [email protected] -p password
popbruteforce.plg -t pop.test.local -P pass.txt -U user.txt -nt 20
"""
)
parser.add_argument(
"-t",
help="target server address or hostname",
dest='target',
required=True,
)
parser.add_argument(
"-port",
help="port number, use 110 in combination with NOSSL/STARTTLS, 995 with SSL crypto",
dest='port',
type=int,
default=-1,
required=False,
)
parser.add_argument('-delay',
help='delay in between requests',
dest='delay',
default=0.0,
type=float
)
parser.add_argument('-u',
help='usernames',
default=[],
nargs='+',
dest='users',
)
parser.add_argument('-p',
help='passwords',
default=[],
nargs='+',
dest='passw',
)
parser.add_argument('-U',
help='file containing one username per line',
default='',
dest='user_fn',
)
parser.add_argument('-P',
help='file containing one password per line',
default='',
dest='passw_fn',
)
parser.add_argument(
"-c",
help="cryptolayer STARTTLS/SSL/NOSSL (default SSL)",
dest='crypto',
default='SSL'
)
parser.add_argument(
"-nt",
help="thread count",
dest='nthreads',
type=int,
default=1,
required=False,
)
if not args:
parser.print_help()
sys.exit(1)
arguments, _ = parser.parse_known_args(args)
typ = cUtil.getTargetType(arguments.target)
if typ == cUtil.TTYPE.DOMAIN:
self.host = socket.gethostbyname(arguments.target)
self.fqdn = arguments.target
elif typ == cUtil.TTYPE.IP:
self.host = arguments.target
self.fqdn = ''
else:
print 'Invalid Target %s' % arguments.target
self.port = arguments.port
if (arguments.crypto):
self.cryptolayer = str(arguments.crypto.upper())
if self.port < 0:
if self.cryptolayer == 'SSL':
self.port = 995
else:
self.port = 110
test.port = self.port
test.host = self.host
test.cryptolayer = self.cryptolayer
try:
ig_users = cTuples.cInputGenerator(data=arguments.users,
filename=arguments.user_fn,
expand_cb=test,
prepare_cb=lambda x: x.strip(),
maxthreads=arguments.nthreads,
circle=False)
except cTuples.ENoInput:
print 'Error: No Usernames specified, please use the -u/U parameter to set usernames(s)'
sys.exit(1)
try:
ig_passw = cTuples.cInputGenerator(data=arguments.passw,
filename=arguments.passw_fn,
prepare_cb=lambda x: x.strip(),
maxthreads=arguments.nthreads,
circle=True)
except cTuples.ENoInput:
print 'Error: No Passwords specified, please use the -p/P parameter to set password(s)'
sys.exit(1)
ig_users.start()
ig_passw.start()
self.tuples = cTuples.cTuples(inputs=[ig_users, ig_passw], prep_callback=brute, delay=arguments.delay)
self.tuples.start()